How to scan your Ruby or JS project for security improvements, for free.

This page summarizes the projects mentioned and recommended in the original post on

  • bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

    Good news! There’s a free open-source tool that can scan your code, check for known risks, and give you a list of things that need fixing. All are sorted by how risky the code is—based on things like how sensitive the data is and how damaging a breach or leak would be. It’s called Bearer.

  • bear-publishing

    It's a big ask to put something in your pipeline or test flow, but I really love just using it as a one-off scan as I'm building something new. Kind of like linting, but for security. Right now the main security scan supports Ruby and JS/TS codebases. Give it a try—you can use our test repo if you like. Let us know what you think, and if there's something you'd like to see added, open an issue on GitHub.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
